Using fibers to execute shellcode in a local process via csharp
☆28Jan 2, 2022Updated 4 years ago
Alternatives and similar repositories for Fiber_ShellcodeExecution
Users that are interested in Fiber_ShellcodeExecution are comparing it to the libraries listed below
Sorting:
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Sep 6, 2021Updated 4 years ago
- ProcessHollowing via csharp☆13Dec 21, 2021Updated 4 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- Bypass AMSI☆13Aug 8, 2021Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Process inject technique "Thread hijacking" via csharp☆15Dec 18, 2021Updated 4 years ago
- ☆18Aug 15, 2021Updated 4 years ago
- ShellCodeLoader via DInvoke☆60Jul 5, 2021Updated 4 years ago
- Bypassing ETW with Csharp☆27Oct 28, 2021Updated 4 years ago
- Bypass windows eventlogs & Sysmon☆20Aug 24, 2021Updated 4 years ago
- Inject shellcode into process via "EarlyBird"☆26Aug 30, 2021Updated 4 years ago
- Load shellcode via syscall☆56Jul 28, 2021Updated 4 years ago
- HookDetection��☆45Sep 3, 2021Updated 4 years ago
- A Simple ShellcodeLoader☆11Jun 4, 2021Updated 4 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Command line & PPID spoofing☆29Apr 15, 2023Updated 2 years ago
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- decrypt rdp credentials to password using mimikatz.☆28Dec 18, 2020Updated 5 years ago
- ☆14Sep 2, 2021Updated 4 years ago
- A Generic WOW64 Process Blocker☆14Jul 16, 2021Updated 4 years ago
- uuid-shellcode-execution☆13May 9, 2021Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆61May 24, 2022Updated 3 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- Golang C2 and Beacon/Agent built from the ground up for scalability and expandability☆14Mar 16, 2021Updated 4 years ago
- 杂 物 收 纳☆15Aug 4, 2023Updated 2 years ago
- golang uuid-shellcode加载器,分离执行,可直接把shellcode写入程序。☆15Aug 12, 2021Updated 4 years ago
- maldev obviously☆28May 5, 2025Updated 9 months ago
- Golang implementation of Reflective load PE from memory☆64Jan 10, 2022Updated 4 years ago
- 漏洞利用,Vmware vCenter 6.5-7.0 RCE(CVE-2021-21972),上传冰蝎3,getshell☆13Mar 1, 2021Updated 4 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆47Jun 15, 2022Updated 3 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets☆48Aug 4, 2021Updated 4 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Dec 26, 2021Updated 4 years ago
- bypass AV生成工具,目前免杀效果不是很好了,但是过个360,火绒啥的没问题☆107Nov 7, 2021Updated 4 years ago
- TeamServer.prop is an optional properties file used by the Cobalt Strike teamserver to customize the settings used to validate screenshot…☆68Aug 5, 2025Updated 6 months ago
- Create Cobalt Strike malleable C2 profiles with HTTPS configs☆18May 23, 2020Updated 5 years ago